Table of Contents for Inside Cyber Warfare
Inside Cyber Warfare
by Jeffrey Carr
Inside Cyber Warfare, 2nd Edition
Inside Cyber Warfare
Foreword
Preface
How This Book Came to Be
Conventions Used in This Book
Attributions and Permissions
How to Contact Us
Safari® Books Online
Acknowledgments
1. Assessing the Problem
The Complex Domain of Cyberspace
Cyber Warfare in the 20th and 21st Centuries
China
Israel
Russia
The Second Russian-Chechen War (1997–2001)
The Estonian cyber attacks (2007)
The Russia-Georgia War (2008)
Iran
North Korea
Cyber Espionage
Titan Rain
Cyber Crime
Future Threats
Increasing Awareness
Critical Infrastructure
The Conficker Worm: The Cyber Equivalent of an Extinction Event?
Africa: The Future Home of the World’s Largest Botnet?
The Way Forward
2. The Rise of the Nonstate Hacker
The StopGeorgia.ru Project Forum
Counter-Surveillance Measures in Place
The Russian Information War
The Foundation for Effective Politics’ War on the Net (Day One)
The Gaza Cyber War between Israeli and Arabic Hackers during Operation Cast Lead
Impact
Overview of Perpetrators
Motivations
Hackers’ Profiles
Team Evil
Cold Zero (aka Cold Z3ro or Roma Burner)
Team Hell (aka Team H3ll or Team Heil)
Agd_Scorp/Peace Crew (aka Agd_Scorp/Terrorist Crew)
Jurm Team
C-H Team (aka H-C Team)
Hackers Pal
Gaza Hacker Team
DNS Team
!TeAm RaBaT-SaLe! (aka Team Rabat-Sale or Team Rabat-Sala)
DZ Team
Ashianeh Security Group
Nimr al-Iraq (“The Tiger of Iraq”) and XX_Hacker_XX
Methods of Attack
Distributed denial of service (DDoS) capability
Website defacements
Viruses and Trojans
Israeli Retaliation
Control the Voice of the Opposition by Controlling the Content in Cyberspace: Nigeria
Are Nonstate Hackers a Protected Asset?
3. The Legal Status of Cyber Warfare
Nuclear Nonproliferation Treaties
The Antarctic Treaty System and Space Law
UNCLOS
MLAT
United States Versus Russian Federation: Two Different Approaches
The Law of Armed Conflict
Is This an Act of Cyber Warfare?
South Korea
Iran
Tatarstan
United States
Kyrgyzstan
Israel and the Palestinian National Authority
Zimbabwe
Myanmar
Cyber: The Chaotic Domain
4. Responding to International Cyber Attacks as Acts of War
The Legal Dilemma
The Road Ahead: A Proposal to Use Active Defenses
The Law of War
General Prohibition on the Use of Force
The First Exception: UN Security Council Actions
The Second Exception: Self-Defense
A Subset of Self-Defense: Anticipatory Self-Defense
An Alternate Basis for Using Active Defenses: Reprisals
Nonstate Actors and the Law of War
Armed Attacks by Nonstate Actors
Duties between States
Imputing State Responsibility for Acts by Nonstate Actors
Cross-Border Operations
Analyzing Cyber Attacks under Jus ad Bellum
Cyber Attacks as Armed Attacks
Establishing State Responsibility for Cyber Attacks
The Duty to Prevent Cyber Attacks
Support from International Conventions
Support from State Practice
Support from the General Principles of Law
Support from Judicial Opinions
Fully Defining a State’s Duty to Prevent Cyber Attacks
Sanctuary States and the Practices That Lead to State Responsibility
The Choice to Use Active Defenses
Technological Limitations and Jus ad Bellum Analysis
Limitations on attack detection
Limitations on attack classification
Limitations on attack traces
Jus in Bello Issues Related to the Use of Active Defenses
Active defenses: The most appropriate forceful response
Technological limitations and jus in bello analysis
Conclusion
5. The Intelligence Component to Cyber Warfare
The Korean DDoS Attacks (July 2009)
The Botnet Versus the Malware
The DPRK’s Capabilities in Cyberspace
One Year After the RU-GE War, Social Networking Sites Fall to DDoS Attack
Ingushetia Conflict, August 2009
The Predictive Role of Intelligence
6. Nonstate Hackers and the Social Web
Russia
China
The Middle East
Pakistani Hackers and Facebook
The Dark Side of Social Networks
The Cognitive Shield
Examples of OPSEC violations
Adversary scenarios
Study findings
TwitterGate: A Real-World Example of a Social Engineering Attack with Dire Consequences
Automating the Process
Catching More Spies with Robots
The automation and virtualization of social network entities
Owning social network users for a small budget of $300–$1,300
Bringing down a social network from the inside
7. Follow the Money
False Identities
Components of a Bulletproof Network
ICANN
The Accredited Registrar
The Hosting Company
The Bulletproof Network of StopGeorgia.ru
StopGeorgia.ru
NAUNET.RU
SteadyHost.ru
Innovation IT Solutions Corp
Mirhosting.com
SoftLayer Technologies
SORM-2
The Kremlin and the Russian Internet
Nashi
The Kremlin Spy for Hire Program
Sergei Markov, Estonia, and Nashi
A Three-Tier Model of Command and Control
8. Organized Crime in Cyberspace
A Subtle Threat
Atrivo/Intercage
ESTDomains
McColo: Bulletproof Hosting for the World’s Largest Botnets
Russian Organized Crime and the Kremlin
9. Investigating Attribution
Using Open Source Internet Data
Background
What Is an Autonomous System Network?
Timeline of political events
Analysis
Alternate views
Team Cymru and Its Darknet Report
Using WHOIS
Caveats to Using WHOIS
10. Weaponizing Malware
A New Threat Landscape
StopGeorgia.ru Malware Discussions
SQL injection, blind SQL injection, and using BENCHMARK
Twitter as DDoS Command Post against Iran
Social Engineering
The Social Graph API
Channel Consolidation
An Adversary’s Look at LinkedIn
BIOS-Based Rootkit Attack
Malware for Hire
Anti-Virus Software Cannot Protect You
Targeted Attacks Against Military Brass and Government Executives
Research is the key to offensive capabilities
Delivery of targeted attacks
Command, control, and exfiltration of data
Why client-side 0day vulnerabilities can be so devastating
Protecting against 0day exploits
Defense in Depth
Using technologies such as MOICE and virtualization
Physical separation between data of varying sensitivity
11. The Role of Cyber in Military Doctrine
The Russian Federation
The Foundation for Effective Politics (FEP)
Chronicles of Information Warfare
Analysis
“Wars of the Future Will Be Information Wars”
Who is Alexandr Burutin?
The speech
Analysis
“RF Military Policy in International Information Security”
The paper
Creating a legend for a cyber attack
The Art of Misdirection
China Military Doctrine
Anti-Access Strategies
The 36 Stratagems
US Military Doctrine
12. A Cyber Early Warning Model
The Challenge We Face
Cyber Early Warning Networks
Building an Analytical Framework for Cyber Early Warning
Latent tensions
Cyber reconnaissance
Initiating event
Cyber mobilization
Cyber attack
Case Studies of Previous Cyber Attacks
Case study: Cyber attacks against Georgia
Case study: GhostNet cyber espionage
Case study: Cyber attacks against Denmark
Lessons Learned
Defense Readiness Condition for Cyberspace
13. Advice for Policymakers from the Field
When It Comes to Cyber Warfare: Shoot the Hostage
The United States Should Use Active Defenses to Defend Its Critical Information Systems
Scenarios and Options to Responding to Cyber Attacks
Scenario 1
Option 1
Option 2
Option 3
Option 4
Scenario 2
Option 1
Option 2
Scenario 3
Option
Scenario 4
Option
In Summary
Whole-of-Nation Cyber Security
14. Conducting Operations in the Cyber-Space-Time Continuum
Anarchist Clusters: Anonymous, LulzSec, and the Anti-Sec Movement
Social Networks: The Geopolitical Strategy of Russian Investment in Social Media
2005: A Turning Point
DST and the Kremlin
The Facebook Revolution
Globalization: How Huawei Bypassed US Monitoring by Partnering with Symantec
15. The Russian Federation: Information Warfare Framework
Russia: The Information Security State
Russian Government Policy
New Laws and Amendments
Government Structures
Russian Ministry of Defense
Administrative Changes
Electronic Warfare Troops
The Federal Service for Technical and Export Control (FSTEC)—Military Unit (Vch) 96010
5th Central Research and Testing Institute of the Russian Defense Ministry (5th TSNIII)—Military Unit (Vch) 33872
18th Central Research Institute of the Russian Defense Ministry (18th CRI MOD)—Military Unit (Vch) 11135
27th Central Research Institute of the Russian Defense Ministry (27th CRI MOD)—Military Unit (Vch) 01168
Internal Security Services: Federal Security Service (FSB), Ministry of Interior (MVD), and Federal Security Organization (FSO)
Federal Security Service Information Security Center (FSB ISC)—Military Unit (Vch) 64829
Russian Federal Security Service Center for Electronic Surveillance of Communications (FSB TSRRSS)—Military Unit (Vch) 71330
FSB Administrative Centers for Information Security
Russian Interior Ministry Center E (MVD Center E)
Russian Interior Ministry Cyber Crimes Directorate (MVD Directorate K)
Implications
Russian Federal Security Organization (FSO)—Military Unit (Vch) 32152
Russian Federation Ministry of Communications and Mass Communications (Minsvyaz)
Roskomnadzor
The cyber vigilantes
Further Research Areas
16. Cyber Warfare Capabilities by Nation-State
Australia
Brazil
Canada
Czech Republic
Democratic People’s Republic of Korea
Estonia
European Union
France
Germany
India
Iran
Israel
Italy
Kenya
Myanmar
NATO
Netherlands
Nigeria
Pakistan
People’s Republic of China
Poland
Republic of Korea
Russian Federation
Singapore
South Africa
Sweden
Taiwan (Republic of China)
Turkey
United Kingdom
17. US Department of Defense Cyber Command and Organizational Structure
Summary
Organization
The Joint Staff
Office of the Secretary of Defense
US Strategic Command (USSTRATCOM)
18. Active Defense for Cyber: A Legal Framework for Covert Countermeasures
Covert Action
Cyber Active Defense Under International Law
Cyber Active Defenses as Covert Action Under International Law
Cyber Attacks Under International Law: Nonstate Actors
Index
About the Author
Colophon
Copyright
Inside Cyber Warfare
Jeffrey Carr
Beijing • Cambridge • Farnham • Köln • Sebastopol • Tokyo